US DoD NIPRNet access via Atlassian SSRF

Type

Research

Actors

Pub. date

April 9, 2018

Initial access

1-day vulnerability

Impact

Resp. disclosure

Observed techniques

SSRFIMDS abuse

Targeted technologies

Confluence ServerJira Server

References

https://hackerone.com/reports/326040https://infosecwriteups.com/piercing-the-veil-server-side-request-forgery-to-niprnet-access-c358fd5e249a

Status

Stub

Last edited

Jun 2, 2024 8:02 AM